Submitted URL: http://lanwitasatin.best/
Effective URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Submission: On July 24 via api from BE — Scanned from CA

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 37 HTTP transactions. The main IP is 104.21.25.248, located in and belongs to CLOUDFLARENET, US. The main domain is friutdragon.click.
TLS certificate: Issued by WE1 on July 15th 2024. Valid for: 3 months.
This is the only time friutdragon.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Redirects  IP Address       AS Autonomous System
1         1          162.0.235.57     22612 (NAMECHEAP...)
1                    193.124.15.14    398343 (BAXET-GROUP)
1         1          104.21.20.201    13335 (CLOUDFLAR...)
26                   104.21.25.248    13335 (CLOUDFLAR...)
1                    151.101.130.137  54113 (FASTLY)
1                    104.21.96.8      13335 (CLOUDFLAR...)
5                    64.233.180.94    15169 (GOOGLE)
3                    172.67.150.30    13335 (CLOUDFLAR...)
Total: 37 requests, 6 IPs
Requests  Apex Domain          Subdomains                                                Transfer
26        friutdragon.click    friutdragon.click                                         304 KB
5         gstatic.com          fonts.gstatic.com                                         135 KB
4         trk-elevostra.com    trk-elevostra.com — Cisco Umbrella Rank: 357103           3 KB
                               event.trk-elevostra.com — Cisco Umbrella Rank: 369321
1         jquery.com           code.jquery.com — Cisco Umbrella Rank: 1211               33 KB
1         ultimatumscrool.cfd  ultimatumscrool.cfd                                       686 B
1         winkgaze.com         winkgaze.com                                              510 B
1         lanwitasatin.best    lanwitasatin.best                                         976 B
Total: 37 requests, 7 domains
Requests  Domain                   Requested by
26        friutdragon.click        winkgaze.com, friutdragon.click, code.jquery.com
5         fonts.gstatic.com        friutdragon.click
3         event.trk-elevostra.com  trk-elevostra.com
1         trk-elevostra.com        friutdragon.click
1         code.jquery.com          friutdragon.click
1         ultimatumscrool.cfd      1 redirects
1         winkgaze.com
1         lanwitasatin.best        1 redirects
Total: 37 requests, 8 subdomains

This site contains no links.

Subject            Issuer                                          Validity                 Valid
winkgaze.com       R11                                             2024-07-16 - 2024-10-14  3 months
friutdragon.click  WE1                                             2024-07-15 - 2024-10-13  3 months
*.jquery.com       Sectigo ECC Domain Validation Secure Server CA  2024-06-25 - 2025-06-25  a year
trk-elevostra.com  WE1                                             2024-06-13 - 2024-09-11  3 months
*.gstatic.com      WR2                                             2024-06-24 - 2024-09-16  3 months

This page contains 1 frames:

Primary Page: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Frame ID: BD8A34CB120F0A3AF97AEAB0F3B10BF6
Requests: 36 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:_base/js/base|wink).*\.js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 37
HTTPS: 100 %
IPv6: 0 %
Domains: 7
Subdomains: 8
IPs: 6
Countries: 3
Transfer: 476 kB
Size: 715 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lanwitasatin.best/ HTTP 307
    https://lanwitasatin.best/ HTTP 301
    https://winkgaze.com/0/0/0/85ed5d76d2d5e56478195892463cf2a0/Boilyfe Page URL
  2. https://ultimatumscrool.cfd/492303/35162101/120914784802/0631f4b88767589c1eeac730840f5862x HTTP 302
    https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://lanwitasatin.best/ HTTP 307
  • https://lanwitasatin.best/ HTTP 301
  • https://winkgaze.com/0/0/0/85ed5d76d2d5e56478195892463cf2a0/Boilyfe

37 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Boilyfe
winkgaze.com/0/0/0/85ed5d76d2d5e56478195892463cf2a0/
Redirect Chain
  • http://lanwitasatin.best/
  • https://lanwitasatin.best/
  • https://winkgaze.com/0/0/0/85ed5d76d2d5e56478195892463cf2a0/Boilyfe
153 B
510 B
Document
General
Full URL
https://winkgaze.com/0/0/0/85ed5d76d2d5e56478195892463cf2a0/Boilyfe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.124.15.14 , Czech Republic, ASN398343 (BAXET-GROUP, US),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 24 Jul 2024 09:55:15 GMT
server
nginx/1.12.2
transfer-encoding
chunked
vary
Accept-Encoding

Redirect headers

content-length
795
content-type
text/html
date
Wed, 24 Jul 2024 09:55:15 GMT
location
https://winkgaze.com/0/0/0/85ed5d76d2d5e56478195892463cf2a0/Boilyfe
server
LiteSpeed
x-turbo-charged-by
LiteSpeed
Primary Request fsht
friutdragon.click/ysnm/ceua/pxup/
Redirect Chain
  • https://ultimatumscrool.cfd/492303/35162101/120914784802/0631f4b88767589c1eeac730840f5862x
  • https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
141 KB
26 KB
Document
General
Full URL
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Requested by
Host: winkgaze.com
URL: https://winkgaze.com/0/0/0/85ed5d76d2d5e56478195892463cf2a0/Boilyfe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddcf10d431004d5663b7590825a418b4db26dd790d3284cf121c5a318f68d6c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://winkgaze.com/0/0/0/85ed5d76d2d5e56478195892463cf2a0/Boilyfe
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a83089e3d20ac8a-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 24 Jul 2024 09:55:17 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QIR6hr%2BE8z5JmQsj5sORbAz%2FqzDL5Z0Jbb5qEVg3SYhKm3X7RqhuSx76MsChDcoJfYYpGHKyxgSGFj6Ohf8tTV0qyMwOXvEy5qTUiCxguVbiyIES75ANs7iAkJca72tRRkpEhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8a83089a4cd4369e-YYZ
content-type
text/html; charset=UTF-8
date
Wed, 24 Jul 2024 09:55:16 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UVzJGLEeNBQLwPu9tNqSWRMNRrXQPHAH7Sty2J33qh7YewWkRbVVFrOM953%2F0Kuep9p6xQwZm6Nc0CqVwJ2vySBkISyhL4rOyjZzFr9qnlBYbsOd3v1%2BykDg37WWDeZhYmsej3CM"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css.css
friutdragon.click/fim/442a85fff63dfe107dff7da3068a98b8/
26 KB
1 KB
Stylesheet
General
Full URL
https://friutdragon.click/fim/442a85fff63dfe107dff7da3068a98b8/css.css
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-transfer-encoding
binary
content-disposition
inline; filename="/home/verticals/advertorials/views/diet/time-cbdgummies-us/assets/css.css"
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ymMCvnV9hQtbNZYSaEBzmT6FWUm%2Bk2wcUmmoGPotBxhf5eELnHIcd8oUmSX5j2%2B6qno5h7xVWv8CZiCVe5YdPUIuUTmlY7NaRa04FFoZHJisvlKO9pt3iGSh0YXgiOpI%2BU2XAg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
8a8308a32cdbac24-YYZ
expires
Thu, 19 Nov 1981 08:52:00 GMT
jquery-1.12.4.min.js
code.jquery.com/
95 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.12.4.min.js
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:17 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2419727
x-cache
HIT, HIT
content-length
33738
x-served-by
cache-lga21956-LGA, cache-yyz4531-YYZ
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1721814918.685807,VS0,VE0
etag
W/"28feccc0-17b8b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
26700, 35004
jquery.lightbox.css
friutdragon.click/templates/assets/
5 KB
2 KB
Stylesheet
General
Full URL
https://friutdragon.click/templates/assets/jquery.lightbox.css
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d25030cad5e23aa280c9a65fb19e973700ca57b5cb728d9b036d2207cb42057b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 22 Dec 2021 15:42:57 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0SN0j%2B1mQxzvBuklYfUar2eL70Vq2gn%2FyO%2B2hgYHVNRdiAWYYhDriPQEHnsOtLMfPgitKswnM86OmKYHLBMLXyza3ht1yM1fnMJ3fpAuVXwO90LkLCXeGQKRGKLwv42TNuum5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8a8308a32cdeac24-YYZ
expires
Wed, 31 Jul 2024 09:55:17 GMT
jquery.lightbox.js
friutdragon.click/templates/assets/
48 KB
15 KB
Script
General
Full URL
https://friutdragon.click/templates/assets/jquery.lightbox.js
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c78ce6b6d1928630b903084ea9d503643f303ba05455860cc7cd17f7687cc65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64417
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 20 Dec 2021 21:49:45 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UeQG9KbNFlI0y9ukTe7JefkARnQolHhxuWmNsf5cCsqBLHSC2Qz%2FTGi7q6iow7Avc0PqoVP%2FCRUcbgF3BGDqSE%2FvOPzE%2FoWWdeEPwWZje2lWfqSv4Hbl9QJoLhkWwejFepvIaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8a8308a32cdfac24-YYZ
expires
Tue, 30 Jul 2024 16:01:40 GMT
msg.v3.js
friutdragon.click/inc/
2 KB
1 KB
Script
General
Full URL
https://friutdragon.click/inc/msg.v3.js?66a0cf85564c5
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fefa3e85fed59b89802e41266cac25ccf6e15137f69b18b14f783e1719207106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Jul 2024 13:46:56 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PabxQBue79WPxgKRHldtLsJv8mIdN5fB74%2ByZ8f0PJNlIW4NzAfPb9Z1ycAMU%2FS4HXEsFRx5maF25oyzx65Rk0hX%2BipG56p6qtz6ctp2N93h9zpe7%2F6hsv3RXWNkHdRVeOhP%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8a8308a32ce0ac24-YYZ
expires
Wed, 31 Jul 2024 09:55:17 GMT
functions.js
friutdragon.click/templates/assets/
10 KB
3 KB
Script
General
Full URL
https://friutdragon.click/templates/assets/functions.js?v=1721814917
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
815db6a80b6646515586611f4354a32fd54b808d281c7d3a91c8837ee8b237b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Jul 2024 18:11:07 GMT
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UkFl870L8M1jGgdbMiXZ5j5cXkfvk52FFHAA7HU2OnjmDfpqHo%2Bb4Ipjl0sbPFRSYfDJY3g0GJK8mPIyqSkALfspzNpObEWgR1gePGd%2BZYyRSPk49wUBSGxOXpI1Pna4NbWZOw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
cf-ray
8a8308a32ce1ac24-YYZ
expires
Wed, 31 Jul 2024 09:55:17 GMT
email-decode.min.js
friutdragon.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://friutdragon.click/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2024 17:12:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6696a9e8-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZFfgwNAVaeYpfGT9WOWy5r60ZhoVwn%2BV9pPhidRS3dkIzYbamokLS%2Bz3DE8RVBzMYGMwRak7TYe5MFqXOAAfDKNtelVJnTK4OTvRn9j4ynaLrxIsNiCI5wKAdtfvl5ZlEHbjBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8a8308a32ce2ac24-YYZ
expires
Fri, 26 Jul 2024 09:55:17 GMT
v9e118mez8
trk-elevostra.com/scripts/push/
8 KB
3 KB
Script
General
Full URL
https://trk-elevostra.com/scripts/push/v9e118mez8
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/inc/msg.v3.js?66a0cf85564c5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.96.8 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0023a8f8391b10006ee27598323de8d0e3d019755e8f7a16e88464b1aef00b39
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3730
alt-svc
h3=":443"; ma=86400
content-length
2519
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 24 Jul 2024 08:53:08 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/javascript;charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FanBFd2Rp7u7zCqdCzax6uNZqRuLM870UaoU8MceDABHj43PMenU651K8%2Fp3iakL%2FFWaYxqazj8B5mrXpkSfq%2BJwc4OQMu%2FLySPsDXZoTv6A6wEEthj5w99Qen89D8dhoqkQAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
accept-ranges
bytes
cf-ray
8a8308a61d29aae6-YYZ
expires
0
fsht
friutdragon.click/ysnm/ceua/pxup/
41 B
576 B
XHR
General
Full URL
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.12.4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa5bb2d12a790b8d33ddafb4960e1cd572a94948a0e240bfeb3dfc9d7d83b784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CCLg%2FFV7UoGB3KrlnVscIHG624Q8NT53QfabVD4dsHFp7a9golja0uh3avHhy%2FZ2fHjk6%2B1NDIQlNSa8%2FbWwuCFzR3uk%2B%2B3DkDRAOfapTGo0k%2BHk9%2FBkxY%2BKGZmUzvmuGeThmA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
8a8308a52d87ac24-YYZ
expires
Thu, 19 Nov 1981 08:52:00 GMT
tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v13/
22 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidserif/v13/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.180.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f94.1e100.net
Software
sffe /
Resource Hash
9f0624a5f72fa4c0942c21c83960fd1f80b6a49391d27a616a758b098672a00a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://friutdragon.click/
Origin
https://friutdragon.click
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 09:11:34 GMT
x-content-type-options
nosniff
age
348224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22492
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Jul 2025 09:11:34 GMT
tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v13/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidserif/v13/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.180.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f94.1e100.net
Software
sffe /
Resource Hash
ad15918ec10a62580864ae3198a9d9545f260fe70e6cb9aa65901a5b02584fec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://friutdragon.click/
Origin
https://friutdragon.click
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 11:14:03 GMT
x-content-type-options
nosniff
age
340875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25984
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Jul 2025 11:14:03 GMT
tDbX2oqRg1oM3QBjjcaDkOr4lLz5CwOnSA.woff2
fonts.gstatic.com/s/droidserif/v13/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidserif/v13/tDbX2oqRg1oM3QBjjcaDkOr4lLz5CwOnSA.woff2
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.180.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f94.1e100.net
Software
sffe /
Resource Hash
e488b6a49159d34d6cd22d7379048db9476b146756cca403b21d3f032b76ac10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://friutdragon.click/
Origin
https://friutdragon.click
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 12:18:31 GMT
x-content-type-options
nosniff
age
337007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23508
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Jul 2025 12:18:31 GMT
tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2
fonts.gstatic.com/s/droidserif/v13/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/droidserif/v13/tDbK2oqRg1oM3QBjjcaDkOr4nAfcHg.woff2
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.180.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f94.1e100.net
Software
sffe /
Resource Hash
629eb98fdc13c8240c7e854c897a9b0ca30127e0ea32fafea172d898398c2d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://friutdragon.click/
Origin
https://friutdragon.click
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 10:29:53 GMT
x-content-type-options
nosniff
age
343525
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20528
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:04:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Jul 2025 10:29:53 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/fim/442a85fff63dfe107dff7da3068a98b8/css.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.180.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f94.1e100.net
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://friutdragon.click/
Origin
https://friutdragon.click
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 20 Jul 2024 14:27:56 GMT
x-content-type-options
nosniff
age
329242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Jul 2025 14:27:56 GMT
120b560842dc6e97ed972b17df555b19.png
friutdragon.click/fim/1978/
99 B
604 B
Image
General
Full URL
https://friutdragon.click/fim/1978/120b560842dc6e97ed972b17df555b19.png
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b3ee8e6d9e14a3d61b1265487d1b0d7bf6c03100e9faf4aad3ba7a009def826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
99
x-xss-protection
1; mode=block
last-modified
Wed, 24 Jul 2024 09:55:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y1L12MeG2ioazGg0M941qqP3BF1PhrB2lVNZ%2Bo37GM%2F87QEDYYbNg%2BcnRIKNa6JaLVODD%2FMouhUbzwDnb6TkvYSZ7gZtOfEWW8Pqv720Re03KwkSw6wPYpY64VF1xXsmqS2Nvg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a8308a59daeac24-YYZ
expires
Wed, 31 Jul 2024 09:55:18 GMT
837990420ea03ab4be5a38f4c267d55a.jpg
friutdragon.click/fim/1978/
9 KB
9 KB
Image
General
Full URL
https://friutdragon.click/fim/1978/837990420ea03ab4be5a38f4c267d55a.jpg
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c744a8e2d4a7419451eb076ee29d6578a88fb687004ec774d1b91bfdcd5e25f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
9070
x-xss-protection
1; mode=block
last-modified
Wed, 24 Jul 2024 09:55:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4M07C%2BUdxwT1OPOjKUFYhbI2oXF46%2BDTV41fiH8wuuPSfY5kktWcdmU8c0Pd0jOq%2BC2CZPbOp7L4SEe37zm%2FNLiBhbT1BS79nnHkxsTlwV8L5p5NkdcBICoHI1ZlDFQJFU%2BVyA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a8308a5adafac24-YYZ
expires
Wed, 31 Jul 2024 09:55:18 GMT
b0dd6e5437ba66ccf8adf49b8bd5ae67.png
friutdragon.click/fim/1978/
2 KB
3 KB
Image
General
Full URL
https://friutdragon.click/fim/1978/b0dd6e5437ba66ccf8adf49b8bd5ae67.png
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02f0259d9bbb66a2aaec55123504b42de9ed4e1904638a65982561272de253d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
2285
x-xss-protection
1; mode=block
last-modified
Wed, 24 Jul 2024 09:55:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ErOQpjOt1PJpmaUvQG0woaiH9ZSGBiq216U9DHHvrr85Wght1VkRMVd8sxu%2F%2BNZyamPjR5dphsnRXf7pIs36cz%2Baj%2FgfeOPfbRytOsxQjS7xBxV3TwwZmKHpOu95zyfWPMHdQg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a8308a5adb0ac24-YYZ
expires
Wed, 31 Jul 2024 09:55:18 GMT
767e6a674ddab2473efa152829c39503.png
friutdragon.click/fim/1978/
4 KB
4 KB
Image
General
Full URL
https://friutdragon.click/fim/1978/767e6a674ddab2473efa152829c39503.png
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5296d0e92cb0f420a6fd9816474268ea1e0a3cea4bf6d857936c20bb5b58426c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3641
x-xss-protection
1; mode=block
last-modified
Wed, 24 Jul 2024 09:55:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WV7FiqX%2Bc35czJRrG2KVwr%2FCDNP5unCdJPm1%2FAAJ0fR6ds9wXcGv1X5sN8J3P1y4GjO2f65ez6EWO8Hi77ONqKRoMznjxwg6VdcvxUcWQPyJbhHhSl7DY6oepPLP9eIem%2BJF%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a8308a5adb2ac24-YYZ
expires
Wed, 31 Jul 2024 09:55:18 GMT
3e228c367da4a8cd0be8b06a3cb76bbe.png
friutdragon.click/fim/1978/
3 KB
4 KB
Image
General
Full URL
https://friutdragon.click/fim/1978/3e228c367da4a8cd0be8b06a3cb76bbe.png
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a67bc906013240c2e7d1f75a4390cc2aea2c600e65b212b417374aa7cbd52b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3506
x-xss-protection
1; mode=block
last-modified
Wed, 24 Jul 2024 09:55:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=chjBbsD95gptmmojtERogwnPobWVe75R%2FU4VLKUOAUHnK7N4SQ%2F7IEw09XbmJdOcQkj3a15SiD%2FzKZKoyxNre5V2QPZ6IfzInnoGvoRhBVDLqLdIrZ6tszuEi%2FhKnsWGNPi2%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a8308a5adb3ac24-YYZ
expires
Wed, 31 Jul 2024 09:55:18 GMT
7d49a8f705a982322dbb9367ee7b87c7.png
friutdragon.click/fim/1978/
4 KB
4 KB
Image
General
Full URL
https://friutdragon.click/fim/1978/7d49a8f705a982322dbb9367ee7b87c7.png
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
228f37312f6e71cce2401c315d122ea49b9091ca5c122f2ae3b8ab1bcada5c0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3902
x-xss-protection
1; mode=block
last-modified
Wed, 24 Jul 2024 09:55:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2FOf8nZt%2BpLB4DqYsD93aoIV3ClLnXcJ57sQgyVZN4daPUGwu5uQRBmqWf3p7ztMQ2B62DsP2lkuqG%2FyOco2R9w4KE4MDv7FSbpCm%2FCmhnUhK6VXFB17nHbFA6KspF0Bi5zX4w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a8308a5adb5ac24-YYZ
expires
Wed, 31 Jul 2024 09:55:18 GMT
7bcf9bf1551694ab081f6f352e1e6a7d.png
friutdragon.click/fim/1978/
3 KB
4 KB
Image
General
Full URL
https://friutdragon.click/fim/1978/7bcf9bf1551694ab081f6f352e1e6a7d.png
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c7b8cec8ffa7d306c2969c7323a2194f9e96ab8f1a8396960c8507e1f901baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
3444
x-xss-protection
1; mode=block
last-modified
Wed, 24 Jul 2024 09:55:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qICbbTA2obYjLx%2F%2FOamKfWrNbwHtY79OMecwMj2sV%2BdoGIOuB9XwsTaMhpgRHIekJzd03h5VizTOFaEygMD0KHzwsZ4Ol8bs2C7rNBWWMb3KHQojl9nIwMBizdUCTYAkxacMzA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a8308a5adb6ac24-YYZ
expires
Wed, 31 Jul 2024 09:55:18 GMT
8df02322b34e064721971e72ebaf6b2a.png
friutdragon.click/fim/1978/
889 B
1 KB
Image
General
Full URL
https://friutdragon.click/fim/1978/8df02322b34e064721971e72ebaf6b2a.png
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e197d8b6e13da41ad1d581a9028caf09bd95a6d6cd7ef883b801ee3581ab0da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
889
x-xss-protection
1; mode=block
last-modified
Wed, 24 Jul 2024 09:55:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OcjP%2BaDr%2FGKR2MtNTMCkFHW%2BUPZxxbWbnaAC3BLV8uqW5SglsK45ApnYbTPdSb8z64fL2ALG7HuXG0jHJ4R6LXv0X9O7%2BwnQd2XWti30%2B71hVPW2b4d8NJbllRVShUbgkAmUzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a8308a5adb7ac24-YYZ
expires
Wed, 31 Jul 2024 09:55:18 GMT
00261a11155d3498df8c406513dd01e4.jpg
friutdragon.click/fim/1978/
74 KB
75 KB
Image
General
Full URL
https://friutdragon.click/fim/1978/00261a11155d3498df8c406513dd01e4.jpg
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5012c5e96194c7dc97c2a8a9fc40d2d34491f05dac15ec8aa79c5eeb190ea3fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
75728
x-xss-protection
1; mode=block
last-modified
Wed, 24 Jul 2024 09:55:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UQunRp%2B7tu8TN9C%2F%2Bhwxsfp7roZwGtdoqxE8lRHmDfb3ETBo3QgpY81vp6R4n4QXoxk4wEPmvA6CDwnXZATU11sh80YKNT37fLrg9ma1KvG1V1nDIq1Muohh8Mem8tCslduRqA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a8308a5adb8ac24-YYZ
expires
Wed, 31 Jul 2024 09:55:18 GMT
9ab8e607e69c34c03ace9447ab782337.jpg
friutdragon.click/fim/1978/
40 KB
41 KB
Image
General
Full URL
https://friutdragon.click/fim/1978/9ab8e607e69c34c03ace9447ab782337.jpg
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0965fa5b77c45aaee3f5d14d2b3ec454510844c9087f8f0e07efdfe89ebb95df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
41123
x-xss-protection
1; mode=block
last-modified
Wed, 24 Jul 2024 09:55:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oC6OT%2FEx%2F4jOPcwdE24ij9C5KB5vGYn8hcS1Q%2FylxEZFdzwqkDYi8Io7zps3ZJCYXnRDcLLL3nktoU3chWLVwS4%2FHrrrmEmMU24sAfJbTK%2BapUAKVko5zuYAWiDOid5HAtSoDw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a8308a5adbaac24-YYZ
expires
Wed, 31 Jul 2024 09:55:18 GMT
3845539b494ad8939ad61e2a4a827ac5.jpg
friutdragon.click/fim/1978/
71 KB
72 KB
Image
General
Full URL
https://friutdragon.click/fim/1978/3845539b494ad8939ad61e2a4a827ac5.jpg
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87dda1ae73660b010a946e162d8da3dfa6f4d15a7fbe23ede6a17d603e46107e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
72765
x-xss-protection
1; mode=block
last-modified
Wed, 24 Jul 2024 09:55:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/jpeg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H0Nl34XA%2F9jlQv1gbe35OjHh%2FUpV25CPXh366VLiloC5CKD8eS4EZqY3t1QwGzUDXQNauGzuithP%2BW6iKes4j16AQ%2B6hIJcLDHyhNqrpIcEEyhX1ZzJKrM99antNd0he%2B%2Fd3BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a8308a5adbbac24-YYZ
expires
Wed, 31 Jul 2024 09:55:18 GMT
36fa4dd355290d9be035def15d5c19ca.png
friutdragon.click/fim/1978/
7 KB
8 KB
Image
General
Full URL
https://friutdragon.click/fim/1978/36fa4dd355290d9be035def15d5c19ca.png
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a5240ba706e4347d22956ea38cf5cef5143300cae681f08c33607970ee1b9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
7250
x-xss-protection
1; mode=block
last-modified
Wed, 24 Jul 2024 09:55:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jYvX8AoSKVFaDDlz8b0GmzOR6j9etTGHoAeyhYQK96vi0LzUxBvShnyvghu9CiJYkBN1rMdVlOOacNO64QGx%2B61eySZ%2FgOQJKgs8xSqhZ4amM8dLMJq1%2BH9%2BNBgmlEXWFn2pdw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a8308a5adbcac24-YYZ
expires
Wed, 31 Jul 2024 09:55:18 GMT
8364532a6b554254dabb345df8731dea.png
friutdragon.click/fim/1978/
7 KB
7 KB
Image
General
Full URL
https://friutdragon.click/fim/1978/8364532a6b554254dabb345df8731dea.png
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70ff6dcd44f862ce7e44e632057f2ce9e3c565b7eaa34cab2a84aa3d7e543fc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
6782
x-xss-protection
1; mode=block
last-modified
Wed, 24 Jul 2024 09:55:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bXB2FXEymiJeEbQIsqpxgN1B6k%2FCvrDFa%2FG89ids1yFXUffeTdtVW9gD6nJWyQGD2GAW6%2BhZF5W94ThcpOCbfJ5FTgQnDkLDkHplnpidadbOyDysUFNJcv1zKM1djQhwcHnaug%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a8308a5adbdac24-YYZ
expires
Wed, 31 Jul 2024 09:55:18 GMT
c446938a59f5f4c92dafe068dd001f00.png
friutdragon.click/fim/1978/
5 KB
6 KB
Image
General
Full URL
https://friutdragon.click/fim/1978/c446938a59f5f4c92dafe068dd001f00.png
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63b563ea40a07a77a88769d35bf7263d98e473181156d24838124eeea30071a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5515
x-xss-protection
1; mode=block
last-modified
Wed, 24 Jul 2024 09:55:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CaiVNtCTFuny79RKwlfwFHcaIzlA2AOjPvLwOZbeBqolEfE0i2Q0wQ9akBQYHFJwyogOMeksyZXq5RA6A20gkZsLxtvZxDbtdRhIG2%2BSCnI2yR590z10FOTyFRnwxsP4Hsmxkw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a8308a5adbeac24-YYZ
expires
Wed, 31 Jul 2024 09:55:18 GMT
29765ca70a55192b8fa3aff278de6380.png
friutdragon.click/fim/1978/
9 KB
10 KB
Image
General
Full URL
https://friutdragon.click/fim/1978/29765ca70a55192b8fa3aff278de6380.png
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c17337e4b1d858a800d0ee1bd2f39ca1c506cd6379e244b721d9310a269d77ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
9416
x-xss-protection
1; mode=block
last-modified
Wed, 24 Jul 2024 09:55:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VtSV1oab4gYtPrkif%2Bd6nuMbTb6wIDw4EqqGBvrabfhUjHXQ80xCPNoaZkzSGMzHR7QyeXRsrR2D8gW1AmhABIR%2FFBdEjR06oefuimJn7PfmxPl%2BDZvrC%2FF88VgskSzPEcOtlA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a8308a5adbfac24-YYZ
expires
Wed, 31 Jul 2024 09:55:18 GMT
2280aeea30d590616230868904cdbb6e.png
friutdragon.click/fim/1978/
5 KB
6 KB
Image
General
Full URL
https://friutdragon.click/fim/1978/2280aeea30d590616230868904cdbb6e.png
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5688425db81db467c92a1ff814b9bf8b99267e348b1ca31efbf1a53d6c8396b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
5400
x-xss-protection
1; mode=block
last-modified
Wed, 24 Jul 2024 09:55:17 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
User-Agent,User-Agent, Accept-Encoding
content-type
image/png
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0piugqGKhHyst%2BwgItl0%2BgjfqSCLzGF6k4tyGcacF3H%2F%2FXVsxby7RLy3evYn%2BMF6UZ1Rfx9tFVPlSNtbUMtY3k0%2F01kJhl9WRDgz9ie9TQZyCySY%2FDaXfxo2V9Z%2FCaa5hpURVw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
8a8308a5adc0ac24-YYZ
expires
Wed, 31 Jul 2024 09:55:18 GMT
/
friutdragon.click/
25 B
530 B
XHR
General
Full URL
https://friutdragon.click/
Requested by
Host: friutdragon.click
URL: https://friutdragon.click/inc/msg.v3.js?66a0cf85564c5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c17435e1a09ed89d29dab00015da616c16e39da1c5daf5f8c8026dcbcf5836a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jul 2024 09:55:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-frame-options
SAMEORIGIN
content-type
application/json
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lFRV59UdiiwLQjF2rPCDOCCWW7wYuYifKDmXsdv66ESxIU%2FkdAXtQRIQQXpe4W9z04czfIjpbSz9slrSSq%2F%2BoPRCy2xBfoM5rmfr3xBv4SBqhaPUeFV302ixyVCwCW0zb0b%2FZw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate
cf-ray
8a8308a66e1bac24-YYZ
expires
Thu, 19 Nov 1981 08:52:00 GMT
favicon.ico
friutdragon.click/
796 B
901 B
Other
General
Full URL
https://friutdragon.click/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4b07931b3fc37bc80d56a367783e7fa7c04ced4befec7f57ed079c38c960400
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 24 Jul 2024 09:55:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,User-Agent, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/html
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DcJRL4N8k5q3mhERKF%2F%2Fp%2BBgvp2M2BmOt3YPJhQfoHM5i7ZUqLKfFQaDznZ%2FAOWRiK9B9f2aNAUX3rGsOqqmHhPfQ73e1FeP9SzgZchCub4AKa4aYZU0qqa11hgyNQr490qQzA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
8a8308af59cbac24-YYZ
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Preflight
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://friutdragon.click
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8a8308b0dc4f39f2-YYZ
content-length
0
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
date
Wed, 24 Jul 2024 09:55:19 GMT
expires
0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LzMvPm0jUsUMpMsMnTs0yQz%2F7UUiYKkFATr59NQUKM0%2FZvz%2BpzziWSkv0dGiNOiq%2BP05c1cI8lF1ElNlf7SXHlZxLgeUFd58DIb85zXD8WW%2FFZ1ySesKbI9E%2F%2FFAvuy2OzU4sVWM8hEbjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Requested by
Host: trk-elevostra.com
URL: https://trk-elevostra.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Wed, 24 Jul 2024 09:55:19 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OkvPRVhLKWgLxl1%2FO0GQ7%2FG%2BEv%2Bqtz9GTDIwXHUgCWfj6PMjXByKz6DLp6Ii84ftTSfKp75PVArBh4RucDa6LUumcjES976Hwv88l8Bi7qa74aMHNBKzhsXjup8NmmGTECF%2FDAZsTeQetw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8a8308b17c9b39f2-YYZ
x-pushplatformapp-params
v9e118mez8
event.trk-elevostra.com/register/event_log/
0
0
Fetch
General
Full URL
https://event.trk-elevostra.com/register/event_log/v9e118mez8
Requested by
Host: trk-elevostra.com
URL: https://trk-elevostra.com/scripts/push/v9e118mez8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.150.30 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type
application/json

Response headers

expires
0
date
Wed, 24 Jul 2024 09:55:21 GMT
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src * 'self' https://* blob: data:; font-src 'self' data:
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-pushplatformapp-alert
pushPlatformApp.pushSubscription.deleted
alt-svc
h3=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CdUT8ct7k1W7AkXMR%2Fjqz%2FyGbLvzKzJb6xLORHp%2BDygS%2BMCTE43zpvHkyFJ5%2BWQctPSGYr%2F2Q7OVe4yS7PeG0wgbdUtTB7ZQxftPe8KTL%2BYAaZaGd3ApKcj6ZX78OMaVS47wTDEf%2Bu2ofg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
access-control-expose-headers
Authorization, Link, X-Total-Count, X-pushPlatformApp-alert, X-pushPlatformApp-error, X-pushPlatformApp-params
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
camera=(), fullscreen=(self), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=()
cf-ray
8a8308b88ef739f2-YYZ
x-pushplatformapp-params

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| today function| pushCount object| MYCALL string| s1 string| s2 string| fp string| esource string| pshpub string| pshdomain string| pshfingerprint function| sendNotify string| popUrl string| popUrlData function| getPopUrl function| saveProduct function| isPromise function| runPopunder function| popunder function| firePopunderPixel function| mfq_tags string| s3 function| change function| generatePassword function| lazyload function| urlBase64ToUint8Array function| pullUrlParams function| push_subscribe function| push_subscribe_promise function| setIfNull function| logPushEvent function| push_unsubscribe function| push_init function| setSessionId function| setUtm function| getSessionId function| getUrlVars function| getDomainName function| getStore function| setAttributes

3 Cookies

Domain/Path Name / Value
winkgaze.com/ Name: uid4923
Value: 1209147848-20240724055515-6469317499ea7ef5b8933a9a822ad94c-
ultimatumscrool.cfd/ Name: PHPSESSID
Value: 4756d31bc5106f230c59952f0aa8c983
friutdragon.click/ Name: PHPSESSID
Value: afd7e8a7292b2dfe603dfc42efd28cc0

2 Console Messages

Source Level URL
Text
network error URL: https://friutdragon.click/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
other error URL: https://friutdragon.click/ysnm/ceua/pxup/fsht?7b8e7452e624f926eb80b88c8b10929a
Message:
Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
